Date: Wed, 3 Dec 1997 12:45:28 -0800 (PST) From: dima@best.net (Dima Ruban) To: cschuber@uumail.gov.bc.ca Cc: assar@sics.se, dima@best.net, mohacsi@fsz.bme.hu, freebsd-security@freebsd.org Subject: Re: Kerberos 5 or Kerberos IV or DCE? Message-ID: <199712032045.MAA06343@burka.rdy.com> In-Reply-To: <199712031551.HAA04971@cwsys.cwsent.com> from Cy Schubert - ITSD Open Systems Group at "Dec 3, 97 07:50:40 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Cy Schubert - ITSD Open Systems Group writes: > > dima@best.net (Dima Ruban) writes: > > > > Heimdal? I there a working version of DCE for FreeBSD? > > > > > > Last time I've checked Heimdal - it had too many problems and was _not_ > > > compatible with krb5 from MIT. It was about 2 month ago. > > > > There has been progress. It's not perfect, but it does work under > > FreeBSD (my laptop runs FreeBSD, so...). > > I've had KRB5 beta 6 through 1.0.3 running on FreeBSD for over a year. The > only problem is that the Kerberos distribution doesn't perform lastlogin under > FreeBSD, because FreeBSD does not have a lastlog.h (the struct is defined in > utmp.h). A small patch fixes this. I'll be submitting this to MIT when I get > a chance (probably this weekend). I've already done that. It's gonna be (hopefully) included with the next release. Meanwhile, I can put my krb5 patches on my ftp site, if anybody is interested. And, by the way, lastlog stuff is not the only problem. > Other KRB5 problems are not specific to FreeBSD and are usually fixed by the > ANL patches, which usually get rolled into the next release by MIT. > > A port should be simple to create, however it could not fetch the source into > distfiles: This would have to be performed by the sysadmin. Configuration is > simple. I use; > > /configure --with-cc=gcc --with-aname-db=db --with-kdb-db=db > --prefix=<choose your direcotry> --with-ccopts=-O You don't need to specify db stuff in the release, it does berkeley db by default. > The --with-krb4 option is only required if you use a KRB4 client like sudo or > popper. If memory serves, KerbNet has popper with krb5 patches. > > > > /assar > > > > > > Regards, Phone: (250)387-8437 > Cy Schubert Fax: (250)387-5766 > UNIX Support OV/VM: BCSC02(CSCHUBER) > ITSD BITNET: CSCHUBER@BCSC02.BITNET > Government of BC Internet: cschuber@uumail.gov.bc.ca > Cy.Schubert@gems8.gov.bc.ca > > "Quit spooling around, JES do it." > > -- dima
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199712032045.MAA06343>